Here are top four IT security predictions for 2018 and what you can do to prepare for them:


  1. Massive Cloud Data Breach

Companies have moved to cloud data services faster than anticipated and take-up of cloud computing will continue to increase having from $99B in 2017 to $117B in 2018 (Source: Imperva).

In 2018, in parallel with the take-up of cloud computing, we’ll see massive cloud data breaches—primarily because companies are not yet fully aware of the complexities involved in securing cloud data.

It is estimated that in 2017 alone, over 99 billion records were exposed because of data breaches. Of the various circumstances behind the breaches, hacking of IT systems is by far the most prevalent cause, followed by poor security, inside jobs, and lost or stolen hardware and media.

It is also estimated that the average cost of a data breach will be over $150 million by 2020, with the global annual cost forecast to be $2.1 trillion.


  1. Malicious Use of AI/Deception of AI Systems

The malicious use of artificial intelligence (AI) will continue to grow quickly. There are already early traces of attackers leveraging AI to learn normal behavior and mimic that behavior to bypass current user and entity behavior analytics (UEBA) solutions.

It’s still a very early stage and will continue to mature beyond 2018. However, it will force current UEBA vendors to come up with a 2.0 approach to identifying anomalous behavior. Without proper awareness and security measures, AI can be easily fooled by adversarial behavior. In 2018 we will see more:

  • Attacks on AI systems (for example, self-driving cars)
  • Cyber attackers who adapt their attacks to bypass AI-based cybersecurity systems


  1. Cyber Extortion Targets Business Disruption

Cyber extortion will be more disruption focused. Encryption, corruption, and exfiltration will still be the leaders in cyber extortion, but disruption will intensify this year, manifesting in disabled networks, internal network denials of service, and crashing email services.


While absolute protection is impossible, you can help lower your chance of business interruption due to a cyber-attack. Start by creating a formal, documented risk management plan that addresses the scope, roles, responsibilities, compliance criteria and methodology for performing cyber risk assessments.

This plan should include a characterization of all systems used at the organization based on their functions, the data they store and process, and their importance to the organization.


  1. Breach by Insiders

Businesses are relying more on data which means more people within the business have access to it. The result is a corresponding increase in data breaches by insiders either through intentional (stealing) or unintentional (negligent) behavior of employees and partners.

Insider threats are the cause of the biggest security breaches out there, and they are very costly to remediate. According to a 2017 Insider Threat Report, 53% of companies estimate remediation costs of $100,000 and more, with 12% estimating a cost of more than $1 million. The same report suggests that 74% of companies feel that they are vulnerable to insider threats, with seven percent reporting an extreme vulnerability.

Insider threats are one of the top cybersecurity threats and a force to be reckoned with. Every company will face insider-related breaches sooner or later regardless of whether it is caused by a malicious action or an honest mistake. And it’s much better to put the necessary security measures in place now than to spend huge sums of money later.

These are the steps every company should take to minimize insider threats:

  • Background checks
  • Watch employee behavior
  • Use the principle of least privilege
  • Control user access
  • Monitor user actions
  • Educate employees


Join Signal Alliance on Wednesday, February 7th, 2018 for a live webinar where we’ll discuss on developing a modern cybersecurity strategy. Click here to register.